BEA Systems, Inc.

weblogic.security.providers.authentication
Interface LDAPAuthenticatorMBean

All Known Subinterfaces:
ActiveDirectoryAuthenticatorMBean, IPlanetAuthenticatorMBean, NovellAuthenticatorMBean, OpenLDAPAuthenticatorMBean
public interface LDAPAuthenticatorMBean
extends weblogic.management.commo.StandardInterface, AuthenticatorMBean, LDAPServerMBean, UserReaderMBean, GroupReaderMBean, GroupMemberListerMBean, MemberGroupListerMBean, UserPasswordEditorMBean

This MBeans represents configuration attributes for the WebLogic LDAP Authentication provider, including schema definitions.

Method Summary
 java.lang.String getAllGroupsFilter()
          An LDAP search filter for finding all groups beneath the base group distinguished name (DN).
 java.lang.String getAllUsersFilter()
          An LDAP search filter for finding all users beneath the base user distinguished name (DN).
 java.lang.String getDescription()
          A short description of the LDAP Authentication provider.
 java.lang.String getDynamicGroupNameAttribute()
          The attribute of a dynamic LDAP group object that specifies the name of the group.
 java.lang.String getDynamicGroupObjectClass()
          The LDAP object class that stores dynamic groups.
 java.lang.String getDynamicMemberURLAttribute()
          The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.
 java.lang.String getGroupBaseDN()
          The base distinguished name (DN) of the tree in the LDAP directory that contains groups.
 java.lang.String getGroupFromNameFilter()
          An LDAP search filter for finding a group given the name of the group.
 java.lang.String getGroupMembershipSearching()
          Specifies whether recursive group membership searching is unlimited or limited.
 java.lang.String getGroupSearchScope()
          Specifies how deep in the LDAP directory tree to search for groups.
 java.lang.Integer getMaxGroupMembershipSearchLevel()
          This specifies how many levels of group membership can be searched.
 java.lang.String getProviderClassName()
          The name of the Java class used to load the WebLogic LDAP Authentication provider.
 java.lang.String getStaticGroupDNsfromMemberDNFilter()
          An LDAP search filter that, given the distinguished name (DN) of a member of a group, returns the DNs of the static LDAP broups that contain that member.
 java.lang.String getStaticGroupNameAttribute()
          The attribute of a static LDAP group object that specifies the name of the group.
 java.lang.String getStaticGroupObjectClass()
          The name of the LDAP object class that stores static groups.
 java.lang.String getStaticMemberDNAttribute()
          The attribute of an LDAP group object that specifies the distinguished names (DNs) of the members of the group.
 java.lang.String getUserBaseDN()
          The base distinguished name (DN) of the tree in the LDAP directory that contains users.
 java.lang.String getUserDynamicGroupDNAttribute()
          The attribute of an LDAP user object that specifies the distinguished names (DNs) of dynamic groups to which this user belongs.
 java.lang.String getUserFromNameFilter()
          An LDAP search filter for finding a user given the name of the user.
 java.lang.String getUserNameAttribute()
          The attribute of an LDAP user object that specifies the name of the user.
 java.lang.String getUserObjectClass()
          The LDAP object class that stores users.
 java.lang.String getUserSearchScope()
          Specifies how deep in the LDAP directory tree to search for Users.
 java.lang.String getVersion()
          The version number of the WebLogic Authentication provider.
 void setAllGroupsFilter(java.lang.String newValue)
          An LDAP search filter for finding all groups beneath the base group distinguished name (DN).
 void setAllUsersFilter(java.lang.String newValue)
          An LDAP search filter for finding all users beneath the base user distinguished name (DN).
 void setDynamicGroupNameAttribute(java.lang.String newValue)
          The attribute of a dynamic LDAP group object that specifies the name of the group.
 void setDynamicGroupObjectClass(java.lang.String newValue)
          The LDAP object class that stores dynamic groups.
 void setDynamicMemberURLAttribute(java.lang.String newValue)
          The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.
 void setGroupBaseDN(java.lang.String newValue)
          The base distinguished name (DN) of the tree in the LDAP directory that contains groups.
 void setGroupFromNameFilter(java.lang.String newValue)
          An LDAP search filter for finding a group given the name of the group.
 void setGroupMembershipSearching(java.lang.String newValue)
          Specifies whether recursive group membership searching is unlimited or limited.
 void setGroupSearchScope(java.lang.String newValue)
          Specifies how deep in the LDAP directory tree to search for groups.
 void setMaxGroupMembershipSearchLevel(java.lang.Integer newValue)
          This specifies how many levels of group membership can be searched.
 void setStaticGroupDNsfromMemberDNFilter(java.lang.String newValue)
          An LDAP search filter that, given the distinguished name (DN) of a member of a group, returns the DNs of the static LDAP broups that contain that member.
 void setStaticGroupNameAttribute(java.lang.String newValue)
          The attribute of a static LDAP group object that specifies the name of the group.
 void setStaticGroupObjectClass(java.lang.String newValue)
          The name of the LDAP object class that stores static groups.
 void setStaticMemberDNAttribute(java.lang.String newValue)
          The attribute of an LDAP group object that specifies the distinguished names (DNs) of the members of the group.
 void setUserBaseDN(java.lang.String newValue)
          The base distinguished name (DN) of the tree in the LDAP directory that contains users.
 void setUserDynamicGroupDNAttribute(java.lang.String newValue)
          The attribute of an LDAP user object that specifies the distinguished names (DNs) of dynamic groups to which this user belongs.
 void setUserFromNameFilter(java.lang.String newValue)
          An LDAP search filter for finding a user given the name of the user.
 void setUserNameAttribute(java.lang.String newValue)
          The attribute of an LDAP user object that specifies the name of the user.
 void setUserObjectClass(java.lang.String newValue)
          The LDAP object class that stores users.
 void setUserSearchScope(java.lang.String newValue)
          Specifies how deep in the LDAP directory tree to search for Users.
 
Methods inherited from interface weblogic.management.security.authentication.AuthenticatorMBean
getControlFlag, setControlFlag
 
Methods inherited from interface weblogic.management.utils.LDAPServerMBean
getCacheSize, getCacheTTL, getConnectTimeout, getCredential, getHost, getParallelConnectDelay, getPort, getPrincipal, getResultsTimeLimit, isBindAnonymouslyOnReferrals, isCacheEnabled, isFollowReferrals, isSSLEnabled, setBindAnonymouslyOnReferrals, setCacheEnabled, setCacheSize, setCacheTTL, setConnectTimeout, setCredential, setFollowReferrals, setHost, setParallelConnectDelay, setPort, setPrincipal, setResultsTimeLimit, setSSLEnabled
 
Methods inherited from interface weblogic.management.security.authentication.UserReaderMBean
getUserDescription, listUsers, userExists
 
Methods inherited from interface weblogic.management.security.authentication.GroupMemberListerMBean
listGroupMembers
 
Methods inherited from interface weblogic.management.security.authentication.MemberGroupListerMBean
listMemberGroups
 
Methods inherited from interface weblogic.management.security.authentication.UserPasswordEditorMBean
changeUserPassword, resetUserPassword
 
Methods inherited from interface weblogic.management.security.ProviderMBean
getRealm, setRealm
 

Method Detail

getProviderClassName

public java.lang.String getProviderClassName()
The name of the Java class used to load the WebLogic LDAP Authentication provider.

Default Value: "weblogic.security.providers.authentication.LDAPAuthenticationProviderImpl"

getDescription

public java.lang.String getDescription()
A short description of the LDAP Authentication provider.

Default Value: "Provider that performs LDAP Authentication"

getVersion

public java.lang.String getVersion()
The version number of the WebLogic Authentication provider.

Default Value: "1.0"

getUserObjectClass

public java.lang.String getUserObjectClass()
The LDAP object class that stores users.

Default Value: "person"

setUserObjectClass

public void setUserObjectClass(java.lang.String newValue)
                        throws javax.management.InvalidAttributeValueException
The LDAP object class that stores users.

Parameters:
newValue - - new value for attribute UserObjectClass
Throws:
javax.management.InvalidAttributeValueException -  

getUserNameAttribute

public java.lang.String getUserNameAttribute()
The attribute of an LDAP user object that specifies the name of the user.

Default Value: "uid"

setUserNameAttribute

public void setUserNameAttribute(java.lang.String newValue)
                          throws javax.management.InvalidAttributeValueException
The attribute of an LDAP user object that specifies the name of the user.

Parameters:
newValue - - new value for attribute UserNameAttribute
Throws:
javax.management.InvalidAttributeValueException -  

getUserDynamicGroupDNAttribute

public java.lang.String getUserDynamicGroupDNAttribute()
The attribute of an LDAP user object that specifies the distinguished names (DNs) of dynamic groups to which this user belongs. If such an attribute does not exist, WebLogic Server determines if a user is a member of a group by evaluating the URLs on the dynamic group. If a group contains other groups, WebLogic Server evaluates the URLs on any of the descendents of the group.

setUserDynamicGroupDNAttribute

public void setUserDynamicGroupDNAttribute(java.lang.String newValue)
                                    throws javax.management.InvalidAttributeValueException
The attribute of an LDAP user object that specifies the distinguished names (DNs) of dynamic groups to which this user belongs. If such an attribute does not exist, WebLogic Server determines if a user is a member of a group by evaluating the URLs on the dynamic group. If a group contains other groups, WebLogic Server evaluates the URLs on any of the descendents of the group.

Parameters:
newValue - - new value for attribute UserDynamicGroupDNAttribute
Throws:
javax.management.InvalidAttributeValueException -  

getUserBaseDN

public java.lang.String getUserBaseDN()
The base distinguished name (DN) of the tree in the LDAP directory that contains users.

Default Value: "ou=people, o=example.com"

setUserBaseDN

public void setUserBaseDN(java.lang.String newValue)
                   throws javax.management.InvalidAttributeValueException
The base distinguished name (DN) of the tree in the LDAP directory that contains users.

Parameters:
newValue - - new value for attribute UserBaseDN
Throws:
javax.management.InvalidAttributeValueException -  

getUserSearchScope

public java.lang.String getUserSearchScope()
Specifies how deep in the LDAP directory tree to search for Users. Valid values are subtree and onelevel.

Default Value: "subtree"
Legal Values: subtree,onelevel

setUserSearchScope

public void setUserSearchScope(java.lang.String newValue)
                        throws javax.management.InvalidAttributeValueException
Specifies how deep in the LDAP directory tree to search for Users. Valid values are subtree and onelevel.

Parameters:
newValue - - new value for attribute UserSearchScope
Throws:
javax.management.InvalidAttributeValueException -  

getUserFromNameFilter

public java.lang.String getUserFromNameFilter()
An LDAP search filter for finding a user given the name of the user. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Default Value: "(&(uid=%u)(objectclass=person))"

setUserFromNameFilter

public void setUserFromNameFilter(java.lang.String newValue)
                           throws javax.management.InvalidAttributeValueException
An LDAP search filter for finding a user given the name of the user. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Parameters:
newValue - - new value for attribute UserFromNameFilter
Throws:
javax.management.InvalidAttributeValueException -  

getAllUsersFilter

public java.lang.String getAllUsersFilter()
An LDAP search filter for finding all users beneath the base user distinguished name (DN). If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

setAllUsersFilter

public void setAllUsersFilter(java.lang.String newValue)
                       throws javax.management.InvalidAttributeValueException
An LDAP search filter for finding all users beneath the base user distinguished name (DN). If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the user schema.

Parameters:
newValue - - new value for attribute AllUsersFilter
Throws:
javax.management.InvalidAttributeValueException -  

getGroupBaseDN

public java.lang.String getGroupBaseDN()
The base distinguished name (DN) of the tree in the LDAP directory that contains groups.

Default Value: "ou=groups, o=example.com"

setGroupBaseDN

public void setGroupBaseDN(java.lang.String newValue)
                    throws javax.management.InvalidAttributeValueException
The base distinguished name (DN) of the tree in the LDAP directory that contains groups.

Parameters:
newValue - - new value for attribute GroupBaseDN
Throws:
javax.management.InvalidAttributeValueException -  

getGroupSearchScope

public java.lang.String getGroupSearchScope()
Specifies how deep in the LDAP directory tree to search for groups. Valid values are subtree and onelevel.

Default Value: "subtree"
Legal Values: subtree,onelevel

setGroupSearchScope

public void setGroupSearchScope(java.lang.String newValue)
                         throws javax.management.InvalidAttributeValueException
Specifies how deep in the LDAP directory tree to search for groups. Valid values are subtree and onelevel.

Parameters:
newValue - - new value for attribute GroupSearchScope
Throws:
javax.management.InvalidAttributeValueException -  

getGroupFromNameFilter

public java.lang.String getGroupFromNameFilter()
An LDAP search filter for finding a group given the name of the group. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema.

Default Value: "(&(cn=%g)(objectclass=groupofuniquenames))"

setGroupFromNameFilter

public void setGroupFromNameFilter(java.lang.String newValue)
                            throws javax.management.InvalidAttributeValueException
An LDAP search filter for finding a group given the name of the group. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema.

Parameters:
newValue - - new value for attribute GroupFromNameFilter
Throws:
javax.management.InvalidAttributeValueException -  

getAllGroupsFilter

public java.lang.String getAllGroupsFilter()
An LDAP search filter for finding all groups beneath the base group distinguished name (DN). If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the Group schema.

setAllGroupsFilter

public void setAllGroupsFilter(java.lang.String newValue)
                        throws javax.management.InvalidAttributeValueException
An LDAP search filter for finding all groups beneath the base group distinguished name (DN). If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the Group schema.

Parameters:
newValue - - new value for attribute AllGroupsFilter
Throws:
javax.management.InvalidAttributeValueException -  

getStaticGroupObjectClass

public java.lang.String getStaticGroupObjectClass()
The name of the LDAP object class that stores static groups.

Default Value: "groupofuniquenames"

setStaticGroupObjectClass

public void setStaticGroupObjectClass(java.lang.String newValue)
                               throws javax.management.InvalidAttributeValueException
The name of the LDAP object class that stores static groups.

Parameters:
newValue - - new value for attribute StaticGroupObjectClass
Throws:
javax.management.InvalidAttributeValueException -  

getStaticGroupNameAttribute

public java.lang.String getStaticGroupNameAttribute()
The attribute of a static LDAP group object that specifies the name of the group.

Default Value: "cn"

setStaticGroupNameAttribute

public void setStaticGroupNameAttribute(java.lang.String newValue)
                                 throws javax.management.InvalidAttributeValueException
The attribute of a static LDAP group object that specifies the name of the group.

Parameters:
newValue - - new value for attribute StaticGroupNameAttribute
Throws:
javax.management.InvalidAttributeValueException -  

getStaticMemberDNAttribute

public java.lang.String getStaticMemberDNAttribute()
The attribute of an LDAP group object that specifies the distinguished names (DNs) of the members of the group.

Default Value: "uniquemember"

setStaticMemberDNAttribute

public void setStaticMemberDNAttribute(java.lang.String newValue)
                                throws javax.management.InvalidAttributeValueException
The attribute of an LDAP group object that specifies the distinguished names (DNs) of the members of the group.

Parameters:
newValue - - new value for attribute StaticMemberDNAttribute
Throws:
javax.management.InvalidAttributeValueException -  

getStaticGroupDNsfromMemberDNFilter

public java.lang.String getStaticGroupDNsfromMemberDNFilter()
An LDAP search filter that, given the distinguished name (DN) of a member of a group, returns the DNs of the static LDAP broups that contain that member. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema.

Default Value: "(&(uniquemember=%M)(objectclass=groupofuniquenames))"

setStaticGroupDNsfromMemberDNFilter

public void setStaticGroupDNsfromMemberDNFilter(java.lang.String newValue)
                                         throws javax.management.InvalidAttributeValueException
An LDAP search filter that, given the distinguished name (DN) of a member of a group, returns the DNs of the static LDAP broups that contain that member. If the attribute is not specified (that is, if the attribute is null or empty), a default search filter is created based on the group schema.

Parameters:
newValue - - new value for attribute StaticGroupDNsfromMemberDNFilter
Throws:
javax.management.InvalidAttributeValueException -  

getDynamicGroupObjectClass

public java.lang.String getDynamicGroupObjectClass()
The LDAP object class that stores dynamic groups.

setDynamicGroupObjectClass

public void setDynamicGroupObjectClass(java.lang.String newValue)
                                throws javax.management.InvalidAttributeValueException
The LDAP object class that stores dynamic groups.

Parameters:
newValue - - new value for attribute DynamicGroupObjectClass
Throws:
javax.management.InvalidAttributeValueException -  

getDynamicGroupNameAttribute

public java.lang.String getDynamicGroupNameAttribute()
The attribute of a dynamic LDAP group object that specifies the name of the group.

setDynamicGroupNameAttribute

public void setDynamicGroupNameAttribute(java.lang.String newValue)
                                  throws javax.management.InvalidAttributeValueException
The attribute of a dynamic LDAP group object that specifies the name of the group.

Parameters:
newValue - - new value for attribute DynamicGroupNameAttribute
Throws:
javax.management.InvalidAttributeValueException -  

getDynamicMemberURLAttribute

public java.lang.String getDynamicMemberURLAttribute()
The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.

setDynamicMemberURLAttribute

public void setDynamicMemberURLAttribute(java.lang.String newValue)
                                  throws javax.management.InvalidAttributeValueException
The attribute of the dynamic LDAP group object that specifies the URLs of the members of the dynamic group.

Parameters:
newValue - - new value for attribute DynamicMemberURLAttribute
Throws:
javax.management.InvalidAttributeValueException -  

getGroupMembershipSearching

public java.lang.String getGroupMembershipSearching()
Specifies whether recursive group membership searching is unlimited or limited. Valid values are unlimited and limited.

Default Value: "unlimited"
Legal Values: unlimited,limited

setGroupMembershipSearching

public void setGroupMembershipSearching(java.lang.String newValue)
                                 throws javax.management.InvalidAttributeValueException
Specifies whether recursive group membership searching is unlimited or limited. Valid values are unlimited and limited.

Parameters:
newValue - - new value for attribute GroupMembershipSearching
Throws:
javax.management.InvalidAttributeValueException -  

getMaxGroupMembershipSearchLevel

public java.lang.Integer getMaxGroupMembershipSearchLevel()
This specifies how many levels of group membership can be searched. This setting is valid only if GroupMemberShipSearching is set to limite d Valid values are 0, and positive integers. For example, 0 indicates only direct group memberships will be found, positive number indicates the number of levels to go down.

Default Value: new Integer(0)

setMaxGroupMembershipSearchLevel

public void setMaxGroupMembershipSearchLevel(java.lang.Integer newValue)
                                      throws javax.management.InvalidAttributeValueException
This specifies how many levels of group membership can be searched. This setting is valid only if GroupMemberShipSearching is set to limite d Valid values are 0, and positive integers. For example, 0 indicates only direct group memberships will be found, positive number indicates the number of levels to go down.

Parameters:
newValue - - new value for attribute MaxGroupMembershipSearchLevel
Throws:
javax.management.InvalidAttributeValueException -  
Documentation is available at
http://download.oracle.com/docs/cd/E13222_01/wls/docs70
Copyright © 2004 BEA Systems, Inc. All Rights Reserved.
WebLogic Server 7.0 API Reference